mirror of
https://github.com/discourse/discourse.git
synced 2025-04-25 22:34:37 +08:00
92a4828f72
We want to skip the filter for sessions controller so that we can login and we want to skip the filter for static pages because those should be visible to visitors.
38 lines
953 B
Ruby
38 lines
953 B
Ruby
class StaticController < ApplicationController
|
|
|
|
skip_before_filter :check_xhr, :redirect_to_login_if_required
|
|
|
|
def show
|
|
|
|
page = params[:id]
|
|
|
|
# Don't allow paths like ".." or "/" or anything hacky like that
|
|
page.gsub!(/[^a-z0-9\_\-]/, '')
|
|
|
|
file = "static/#{page}.#{I18n.locale}"
|
|
|
|
# if we don't have a localized version, try the English one
|
|
if not lookup_context.find_all("#{file}.html").any?
|
|
file = "static/#{page}.en"
|
|
end
|
|
|
|
if lookup_context.find_all("#{file}.html").any?
|
|
render file, layout: !request.xhr?, formats: [:html]
|
|
return
|
|
end
|
|
|
|
raise Discourse::NotFound
|
|
end
|
|
|
|
# This method just redirects to a given url.
|
|
# It's used when an ajax login was successful but we want the browser to see
|
|
# a post of a login form so that it offers to remember your password.
|
|
def enter
|
|
params.delete(:username)
|
|
params.delete(:password)
|
|
redirect_to(params[:redirect] || '/')
|
|
end
|
|
|
|
|
|
end
|